Have You Discovered a Security Flaw on the PSN That Puts Credit Card Data at Risk?

Playstation Network

The Mp1st website reports having discovered a security flaw on the PlayStation Network, which would allow attackers with login data to use credit cards associated with accounts to make purchases, without having to use any security code.

As reported, the problem is related to the CVV, or the three-digit credit card security and control code: the code in question is mandatory in order to register your card on the PSN but operating or making purchases directly from the console the CVV it is not required, unless accessed from a different location and therefore with a connection that is not recognized or never used before.

However, it seems that this system is actually easily deceptive and some hackers would have found a way to bypass the code request with relative simplicity. Mp1st spoke to various hackers and modders who confirmed that the flaw involves the entire PlayStation Network, regardless of the device used to log in.

Various testimonies speak of a known problem for at least five years, but only recently did Sony realize the seriousness of the situation. One YouTuber has even reported the problem through the HackerOne service but receiving answers that are not too convincing, in which we talk about a problem that does not voluntarily harm users, falling within the normal case of online fraud.

Sony has recently updated the PSN Security FAQ page, we invite you to activate two-step verification of your PlayStation Network account, so as to minimize any risks.